I have debugged into the assembly language for the following simple sample, but I never saw any instructions dealing with push eip/pop eip, which deal with saving/restoring the return address when function foo completes. Any ideas?

Code:

int foo (int a, int b)
{
    return a+b;
}

int main()
{
    int a1 = 100;
    int b1 = a1 + 100;

    a1 = foo (a1, b1);

    return 0;
}

thanks in advance,
George

07-21-2008

matsp

EIP is the program counter. It changes for every instruction, and it is managed by call and ret, jmp and other "flow control" instructions, so there's really little need to push or pop it explicitly - in fact, there are no instructions to do that. In fact, plain "ret" is the same as "pop eip", and on the PDP-11, although there was a "ret" instruction, it actually had the same opcode as "mov (sp)+, pc".
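To make the answer above concrete: "call" does not push EIP explicitly, but it does leave the return address on the stack, and "ret" pops it back into the program counter. The program below is an added example written for this thread (not code from either poster) that reads the return address the call left behind in two independent ways and checks that they agree. It assumes GCC or Clang (for the __builtin_return_address and __builtin_frame_address builtins) and the conventional frame layout on x86-64 or AArch64, where the return address sits one machine word above the saved frame pointer.

```c
#include <stdio.h>

/* Added example, not from the original thread. Assumes GCC/Clang and a
 * frame-pointer layout (x86-64 or AArch64) where the word just above the
 * saved frame pointer is the return address that "call" stored. */

/* Fetch the return address of the current function by two routes:
 *   1. the compiler builtin, which knows where "call" put it, and
 *   2. reading the stack word at [fp + sizeof(void *)] directly.
 * noinline keeps this a real call so there is a real return address. */
__attribute__((noinline))
static int return_address_is_on_stack(void)
{
    void *via_builtin = __builtin_return_address(0);
    void **frame      = (void **)__builtin_frame_address(0);
    void *via_stack   = frame[1];        /* [ebp+4] / [rbp+8] / [x29+8] */

    return via_builtin == via_stack;     /* 1 if both views agree */
}

/* Same check, but the return address is also handed back so a caller can
 * see that it points into the caller's code, not into the callee. */
__attribute__((noinline))
static void *saved_return_address(void)
{
    void **frame = (void **)__builtin_frame_address(0);
    return frame[1];
}

int main(void)
{
    int ok = return_address_is_on_stack();
    void *ret = saved_return_address();

    printf("return address found on stack: %s\n", ok ? "yes" : "no");
    printf("saved return address = %p, main = %p, callee = %p\n",
           ret, (void *)main, (void *)saved_return_address);
    return ok ? 0 : 1;
}
```

The stack word the function reads is exactly what "ret" will pop into EIP a moment later; that is why the return address is the first thing a debugger shows right above the saved frame pointer, and why stack-canary and shadow-stack mitigations focus on that one slot.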